7.2. Enhancements

This release of EAP 6 includes an enhancement to the clustering system. The Infinispan subsystem can automatically gather usage statistics. It is possible to enable or disable statistics explicitly per cache container and per cache.

These statistics can help profile and debug applications and caches, however their use incurs a small overhead. They are disabled by default and can be enabled if needed.

Domain Management

1052187 - Make FACILITY for audit log over syslog configurable in the management model

In previous versions of JBoss EAP 6 the audity log syslog-handler's facility was not configurable in the management console and a default facility was used. The facility has been exposed in this release of the product as part of the core-service=management/access=audit/syslog-handler=* resource and can now be configured as required.

1053355 - Make appName for audit log over syslog configurable in the management model

Previous versions of JBoss EAP 6 did not allow application names to be configurable in the management model.

As a consequence, a default appName was used.

In this release of the product, the application name has been exposed as part of the core-service=management/access=audit/syslog-handler=* resource and the name is now configurable.

976228 - Operation which require server reload should check if something was changed

In earlier versions of JBoss EAP 6, some operations which did not effectively change the status of the server would put it in reload-required mode.

The was because the system did not check if the operation would effectively change the configuration.

In this release, if checks confirm that the configuration of the server was not changed by the operation, a reload is not required. This change does not cover every possible case.

In previous versions of JBoss EAP 6 TRACE and DEBUG logging had not been added to the LDAP interactions within the security realms. This made diagnosing authentication issues where LDAP is in use extremely difficult as no logging was available.

Verbose TRACE logging for the loading of groups has been added in this release and is now logged to the org.jboss.as.domain.management.security category. This new logging has been limited to the TRACE level due to the verbosity at the DEBUG level.

Customers can now use these logs to diagnose LDAP related issues with security realms.

This release of JBoss EAP 6 contains an enhancement with an increase in the number of checks performed to guarantee the page counter is synced properly. This enhancement was added as it was found that, in earlier versions of the product, the page counter could get out of sync between paged messages and what was stored on the journal which could lead to negative delivering numbers. The extra checks prevent this from happening.

In this release of JBoss EAP 6, the XML schema for the messaging subsystem is annotated with descriptions of the attributes and types. This enhancement is intended to help developers write the corresponding XML configuration.

1014099 - WARN HQ222180: There are no queues bound into Dead Letter Address jms.queue.DLQ. Messages will ... during start

This release of JBoss EAP 6 includes an enhancement to the messaging subsystem configuration which now includes two JMS queues for the dead letter queue and the expiry queue.

In older releases the default address settings were configured to send expired messages to an expiry address and undelivered messages to a dead letter address. However there were no queues bound to theses address and it resulted in message loss preventing administrators to examine these messages and diagnostic potential application issues.

Expired messages will now be stored in the DLQ queue and undelivered messages will now be stored in the ExpiryQueue.

This release of JBoss EAP 6 introduces the ability for users to create custom logging formatters for use in any handler via the command line interface or configuration XML. Handlers now override setFormatter(...) and use the custom formatter.

A new feature has been incorporated into the PicketLink component of this version of JBoss EAP 6. In this release the the principal that gets sent to the AttributeManager has been made configurable.

When using PicketLink with JBoss Negotiation, the principal that is sent to the AttributeManager is a hashed string and not the username. This can result failed lookups if the mapping provider uses the principal to look up any attributes.

An update to this release of JBoss EAP 6 introduces an upstream PicketLink feature that allows the FormAuthenticatorcharacterEncoding parameter to be used for requests in IDPWebBrowserSSOValve.

Security

Features have been added in this version of JBoss EAP 6 that allow users to improve the security of passwords and other sensitive strings used in configuration files.

These include the ability to use your own implementation of SecurityVault to mask passwords and other sensitive attributes in configuration files, and password vault support for SSL connections used by the CLI Console configuration file (jboss-cli.xml).

Please refer to the Security Guide for documentation on using these new features.

Web

900786 - Add a redirect-port from socket-binding to the web connector config

In releases of JBoss EAP prior to 6.3 socket-binding could not be used to define the redirect-port.

That ability has been added in this release of the product and users can now use the new attribute redirect-binding of the connector element to define the redirect port instead of using the redirect-port attribute. This new attribute takes a socket binding name as value.

Where did the comment section go?

Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.